You can configure up to three RADIUS servers per SBC. When more than one RADIUS server is configured and RADIUS authentication is attempted, the server configured with the lowest numeric priority value is tried first. If fallback is configured, the server with the next lowest numeric priority value is tried next. SBC allows a configurable number of retries and time-outs before retry.

To View the List of Radius Servers

On the SBC main screen, go to Administration > Users and Application Management > Radius Authentication>Radius Server. The Radius Server window is displayed.

Figure : Radius Server Window

To Create a Radius Server

Note

You can configure up to three RADIUS servers per SBC. The New Radius Server option is not available once three servers are configured.

To create a new RADIUS server configuration:

Click New Radius Server. The Create New Radius Server window is displayed.

Figure : Create New Radius Server Window

Use the following table to specify configuration for a RADIUS server, then click Save.

Table : RADIUS Server Paramters

Parameter

Description

Server Name

The name for the RADIUS server (up to 23 characters).

Priority

When configuring multiple RADIUS servers, use this attribute to specify the order to attempt RADIUS authentication. The RADIUS server with the lowest numeric priority value is contacted first.

State

Operational state of the RADIUS server. Options are

Disabled (default)

Enabled

Radius Server IP

The IPv4 address of the RADIUS server. The default value is 0.0.0.0.

Note

IPv6 configuration for RADIUS servers is not supported at this time.

Radius Server Port

The RADIUS server port to which the SBC sends requests. Range: 1-65535. The default value is 1812.

Radius Nas IP

The IPv4 address of the SBC to send in the ACCESS_REQUEST message. The default value is 0.0.0.0.

Radius Shared Secret

The shared secret used to encrypt the data exchanged between the SBC and the RADIUS server. Range: 6-128 characters.

Mgmt Interface Group

The Management Interface Group to use to connect to the RADIUS server.

Note

In an SBC HA configuration, four management IP addresses must be listed:

mgt0 and mgt1 IP addresses of the Active CE

mgt0 and mgt1 IP addresses of and Standby CE

Authentication Method

The type of authentication to use.

Pap – Password Authentication Protocol. The password is sent in the RADIUS request, encoded with the shared secret. (default)

PeapmschapV2 – Protected EAP/ Microsoft Challenge Handshake Authentication Protocol. The password is sent using the Extensible Authentication Protocol over TLS and authenticated using the Microsoft Challenge Handshake Authentication Protocol.

To Copy a Radius Server

Note

You can configure up to three RADIUS servers per SBC. The Copy Radius Server option is not available once three servers are configured.

To copy the configuration of an existing RADIUS server and modify it to create a new configuration:

Click the radio button adjacent to its name.

Click Copy Radius Server. The Copy Radius Server window opens showing the values of the configuration you are copying.

Make changes to the fields as needed and click Save.

To Delete a Radius Server

To delete a RADIUS server configuration:

Click the radio button adjacent to the name of the RADIUS server configuration you want to delete.